local 192.168.1.150 # This is the IP address of the real network interface on the server connected to the router

port 1194 # This is the port OpenVPN is running on - make sure the router is port forwarding this port to the above IP

proto udp # UDP tends to perform better than TCP for VPN

mssfix 1400 # This setting fixed problems I was having with apps like Remote Desktop

push "dhcp-option DNS X.X.X.X" # Replace the Xs with the IP address of the DNS for your home network (usually your ISP's DNS)

push "dhcp-option DNS X.X.X.X" # A second DNS server if you have one

dev tap

dev-node MyTAP #If you renamed your TAP interface or have more than one TAP interface then remove the # at the beginning and change "MyTAP" to its name

ca "C:\Program Files\OpenVPN\easy-rsa\keys\ca.crt"

cert "C:\Program Files\OpenVPN\easy-rsa\keys\server.crt"

key "C:\Program Files\OpenVPN\easy-rsa\keys\server.key" # This file should be kept secret

dh "C:\Program Files\OpenVPN\easy-rsa\keys\dh1024.pem"

server 192.168.10.0 255.255.255.128 # This assigns the virtual IP address and subent to the server's OpenVPN connection. Make sure the Routing Table entry matches this.

ifconfig-pool-persist ipp.txt

push "redirect-gateway def1" # This will force the clients to use the home network's internet connection

keepalive 10 120

cipher BF-CBC # Blowfish (default) encryption

comp-lzo

max-clients 100 # Assign the maximum number of clients here

persist-key

persist-tun

status openvpn-status.log

verb 1 # This sets how detailed the log file will be. 0 causes problems and higher numbers can give you more detail for troubleshooting

lines starting with # or ; will not be read by OpenVPN

improved intermediate static key server and client USE the openvpngui.exe installer first, make sure you install the client & the RSA and SSH stuff!

------------------------ server.ovpn ------------------------ local 192.168.1.30 port 1195 proto udp

dev tun

ifconfig 10.8.1.1 10.8.1.2

secret static.key

verb 3

-------------------client------------------------------------- port 1195 proto udp

remote 212.69.61.62 1195

resolv-retry infinite

dev tun ifconfig 10.8.1.2 10.8.1.1 secret static.key

route 192.168.1.0 255.255.255.0

verb 3

If you must use the c:\windows\system32\etc\hosts file remember ipconfig /flushdns

AND static.key must be in the config folder (if you run as service)

i remade the keys, first the build-key-server.bat server and then build-key.bat client1 with both having the same answers

UK London London COMPANY default = support@company.co.uk common name = openvpnserver

default (enter ) for all the rest

THEN (but new keys didn't work) moving the keys directory with ca.key, ca.crt, server.crt and dh1024.pem into the bin directory

openvpn setup continued

dev-node MyTAP #If you renamed your TAP interface or have more than one TAP interface then remove the # at the beginning and change "MyTAP" to its name

lines starting with # or ; will not be read by OpenVPN

Published

Category

~382 words

Tags